<%#
 Copyright 2008-2009 Steven Barth <steven@midlink.org>
 Copyright 2008-2015 Jo-Philipp Wich <jow@openwrt.org>
 Licensed to the public under the Apache License 2.0.
-%>

<%-

	require "luci.sys.iptparser"
	local wba = require "luci.tools.webadmin"
	local fs = require "nixio.fs"
	local io = require "io"

	local has_ip6tables = fs.access("/usr/sbin/ip6tables")
	local mode = 4

	if has_ip6tables then
		mode = luci.dispatcher.context.requestpath
	    mode = tonumber(mode[#mode] ~= "iptables" and mode[#mode]) or 4
	end

	local ipt = luci.sys.iptparser.IptParser(mode)

	local rowcnt = 1
	function rowstyle()
		rowcnt = rowcnt + 1
		return (rowcnt % 2) + 1
	end

	function link_target(t,c)
		if ipt:is_custom_target(c) then
			return '<a href="#rule_%s_%s">%s</a>' %{ t:lower(), c, c }
		end
		return c
	end

	function link_iface(i)
		local net = wba.iface_get_network(i)
		if net and i ~= "lo" then
			return '<a href="%s">%s</a>' %{
				url("admin/network/network", net), i
			}

		end
		return i
	end

	local tables = { "Filter", "NAT", "Mangle", "Raw" }
	if mode == 6 then
		tables = { "Filter", "Mangle", "Raw" }
		local ok, lines = pcall(io.lines, "/proc/net/ip6_tables_names")
		if ok and lines then
			local line
			for line in lines do
				if line == "nat" then
					tables = { "Filter", "NAT", "Mangle", "Raw" }
				end
			end
		end
	end
-%>

<%+header%>

<script type="text/javascript" src="<%=resource%>/cbi.js"></script>
<style type="text/css">
	span:target {
		color: blue;
		text-decoration: underline;
	}
</style>

<h2 name="content"><%:Firewall Status%></h2>

<% if has_ip6tables then %>
<ul class="cbi-tabmenu">
	<li class="cbi-tab<%= mode ~= 4 and "-disabled" %>"><a href="<%=url("admin/status/iptables/4")%>"><%:IPv4 Firewall%></a></li>
	<li class="cbi-tab<%= mode ~= 6 and "-disabled" %>"><a href="<%=url("admin/status/iptables/6")%>"><%:IPv6 Firewall%></a></li>
</ul>
<% end %>

<div class="cbi-map" style="position: relative">

	<form method="post" action="<%=url("admin/status/iptables_action")%>" style="position: absolute; right: 0">
		<input type="hidden" name="token" value="<%=token%>" />
		<input type="hidden" name="family" value="<%=mode%>" />
		<input type="submit" class="cbi-button" name="zero" value="<%:Reset Counters%>" />
		<input type="submit" class="cbi-button" name="restart" value="<%:Restart Firewall%>" />
	</form>

	<div class="cbi-section">

		<% for _, tbl in ipairs(tables) do chaincnt = 0 %>
			<h3><%:Table%>: <%=tbl%></h3>

			<% for _, chain in ipairs(ipt:chains(tbl)) do
				rowcnt    = 0
				chaincnt  = chaincnt + 1
				chaininfo = ipt:chain(tbl, chain)
			%>
				<h4  id="rule_<%=tbl:lower()%>_<%=chain%>">
					<%:Chain%> <em><%=chain%></em>
					(<%- if chaininfo.policy then -%>
						<%:Policy%>: <em><%=chaininfo.policy%></em>, <%:Packets%>: <%=chaininfo.packets%>, <%:Traffic%>: <%=wba.byte_format(chaininfo.bytes)-%>
					<%- else -%>
						<%:References%>: <%=chaininfo.references-%>
					<%- end -%>)
				</h4>

				<div class="cbi-section-node">
					<div class="table" style="font-size:90%">
						<div class="tr table-titles cbi-rowstyle-<%=rowstyle()%>">
							<div class="th hide-xs"><%:Pkts.%></div>
							<div class="th nowrap"><%:Traffic%></div>
							<div class="th col-5"><%:Target%></div>
							<div class="th"><%:Prot.%></div>
							<div class="th"><%:In%></div>
							<div class="th"><%:Out%></div>
							<div class="th"><%:Source%></div>
							<div class="th"><%:Destination%></div>
							<div class="th col-9 hide-xs"><%:Options%></div>
						</div>

						<% for _, rule in ipairs(ipt:find({table=tbl, chain=chain})) do %>
							<div class="tr cbi-rowstyle-<%=rowstyle()%>">
								<div class="td"><%=rule.packets%></div>
								<div class="td nowrap"><%=wba.byte_format(rule.bytes)%></div>
								<div class="td col-5"><%=rule.target and link_target(tbl, rule.target) or "-"%></div>
								<div class="td"><%=rule.protocol%></div>
								<div class="td"><%=link_iface(rule.inputif)%></div>
								<div class="td"><%=link_iface(rule.outputif)%></div>
								<div class="td"><%=rule.source%></div>
								<div class="td"><%=rule.destination%></div>
								<div class="td col-9 hide-xs"><%=#rule.options > 0 and luci.util.pcdata(table.concat(rule.options, " ")) or "-"%></div>
							</div>
						<% end %>

						<% if rowcnt == 1 then %>
							<div class="tr cbi-rowstyle-<%=rowstyle()%>">
								<div class="td" colspan="9"><em><%:No rules in this chain%></em></div>
							</div>
						<% end %>
					</div>
				</div>
			<% end %>

			<% if chaincnt == 0 then %>
				<em><%:No chains in this table%></em>
			<% end %>

			<br /><br />
		<% end %>
	</div>
</div>

<%+footer%>
